Committer to address 2 CVE's against strongswan

Dewayne Geraghty dewayne.geraghty at heuristicsystems.com.au
Wed May 14 22:31:01 UTC 2014


Strongswan 5.1.1 has two CVE's that are corrected in the 5.1.3 release. 
The maintainer has provided a patch on 8th May, thank-you Francois.  The
patch applies cleanly and the patched strongswan 5.1.3 installs and
functions correctly.  I've installed it on two FreeBSD 9.2 (Stable) VPN
servers, and other tunnelling firewalls.

It would be appreciated if a ports committer could provide this patch
for the rest of the user-base, via a strongswan port update.

Refer:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/189132

CVE's that are addressed:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2891

Regards, Dewayne.


More information about the freebsd-ports mailing list